Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e2036393339.roa
File: 3139342e33312e3139352e302f32342d3234203d3e2036393339.roa (raw, json)
Hash identifier: W9TP2Rm4l8xoUS/tutElp2/bfb93giDIMDpBsA9a+kM=
Subject key identifier: F9:B0:A6:FF:0B:28:3B:98:23:AE:41:6F:00:3E:1C:39:E2:00:4B:FB
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 04DFE489EE9FF4528187A83BBCC94F6A13D95C57
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e2036393339.roa
Signing time: Fri 20 Jan 2023 07:09:18 +0000
ROA not before: Fri 20 Jan 2023 07:04:18 +0000
ROA not after: Fri 19 Jan 2024 07:09:18 +0000
asID: 6939
IP address blocks: 194.31.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:df:e4:89:ee:9f:f4:52:81:87:a8:3b:bc:c9:4f:6a:13:d9:5c:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jan 20 07:04:18 2023 GMT
Not After : Jan 19 07:09:18 2024 GMT
Subject: CN=F9B0A6FF0B283B9823AE416F003E1C39E2004BFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0d:d4:28:e9:18:0b:9d:a0:b9:82:98:9c:16:
0b:69:cc:52:b8:6f:7f:6f:13:b1:c2:b8:1b:59:f3:
e5:4a:66:c8:67:a4:1d:c5:93:47:8a:cb:85:5c:d9:
f2:c6:98:b9:c8:a7:8e:57:9b:30:80:64:a1:c4:40:
d1:7b:5b:22:ca:1d:4b:eb:f7:7e:03:9b:4e:b4:07:
a9:b8:ef:22:0b:5e:72:61:10:2f:e1:94:05:e4:26:
fd:4c:81:e2:c9:7e:c5:18:8d:b5:5f:8b:74:dd:ac:
98:4c:f6:e0:67:bf:64:00:d3:31:8e:cf:2d:5a:32:
3d:17:65:9b:39:c5:1d:82:69:a6:a4:72:fd:be:f5:
b0:14:03:7d:1f:35:d3:6e:20:ac:ba:18:a9:47:8d:
ac:a2:63:b3:4c:8e:8e:ec:b2:2a:49:fc:df:6b:e6:
5c:65:73:8f:11:1d:59:a8:76:0c:ca:1d:a1:92:ce:
12:0e:83:2c:66:15:08:83:21:be:06:ec:90:f0:0b:
62:a3:d7:5a:65:37:a0:31:b8:56:c2:f2:f2:6b:5a:
ae:6d:8d:78:bc:f0:ff:c6:c0:7b:8a:84:07:7a:d9:
e2:95:74:52:05:5c:6d:b3:fc:c1:65:24:f9:8e:79:
7a:37:45:66:16:cd:08:bb:a7:37:b4:d4:59:69:c5:
2f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B0:A6:FF:0B:28:3B:98:23:AE:41:6F:00:3E:1C:39:E2:00:4B:FB
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e2036393339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.195.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:bc:b6:48:a9:93:30:07:0d:d3:a7:f7:d9:c0:b1:06:56:5c:
27:c7:60:69:50:3c:a7:3c:80:e9:5a:fa:c8:eb:87:70:6f:6d:
0e:2e:48:89:3a:19:23:cc:ca:c0:ae:94:1e:e2:50:c4:95:b6:
56:00:31:1d:6a:62:97:9c:14:58:b7:50:63:4a:da:c3:56:c2:
30:3b:69:ef:05:76:26:e2:ee:98:11:02:d1:7a:b7:85:e8:1a:
f5:55:b9:d9:29:77:25:e3:d3:3e:7a:cc:3a:5f:ee:98:b5:9e:
9b:f5:11:5b:a3:d1:10:ef:18:f9:d2:43:25:1a:e4:96:51:2e:
3a:df:1b:7d:b6:80:71:90:5f:75:18:ef:06:bb:80:b6:0e:62:
e0:4b:c0:5f:dc:b4:c9:81:28:d4:5f:e1:dc:bb:59:c4:ed:c0:
aa:28:54:56:91:7c:77:16:04:a2:b5:a5:1f:b6:34:ff:a1:69:
bc:11:98:1d:78:82:f5:00:7a:15:d6:3e:78:7f:b1:a7:a5:32:
b6:75:89:a1:10:04:6a:c0:8f:17:b2:a6:a7:5b:c2:7d:5a:d5:
01:7d:e5:0b:dd:96:20:62:a1:a9:df:7c:9b:2a:29:95:cf:c9:
af:64:23:bb:14:ca:a2:22:a9:90:29:bd:ea:2a:f5:a0:99:7c:
5c:8e:a6:f1
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUBN/kie6f9FKBh6g7vMlPahPZXFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzAxMjAwNzA0MThaFw0yNDAxMTkwNzA5MThaMDMxMTAvBgNV
BAMTKEY5QjBBNkZGMEIyODNCOTgyM0FFNDE2RjAwM0UxQzM5RTIwMDRCRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbDdQo6RgLnaC5gpicFgtpzFK4
b39vE7HCuBtZ8+VKZshnpB3Fk0eKy4Vc2fLGmLnIp45XmzCAZKHEQNF7WyLKHUvr
934Dm060B6m47yILXnJhEC/hlAXkJv1MgeLJfsUYjbVfi3TdrJhM9uBnv2QA0zGO
zy1aMj0XZZs5xR2Caaakcv2+9bAUA30fNdNuIKy6GKlHjayiY7NMjo7ssipJ/N9r
5lxlc48RHVmodgzKHaGSzhIOgyxmFQiDIb4G7JDwC2Kj11plN6AxuFbC8vJrWq5t
jXi88P/GwHuKhAd62eKVdFIFXG2z/MFlJPmOeXo3RWYWzQi7pze01FlpxS+tAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU+bCm/wsoO5gjrkFvAD4cOeIAS/swHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjM5MzMzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIf
wzANBgkqhkiG9w0BAQsFAAOCAQEAX7y2SKmTMAcN06f32cCxBlZcJ8dgaVA8pzyA
6Vr6yOuHcG9tDi5IiToZI8zKwK6UHuJQxJW2VgAxHWpil5wUWLdQY0raw1bCMDtp
7wV2JuLumBEC0Xq3hega9VW52Sl3JePTPnrMOl/umLWem/URW6PREO8Y+dJDJRrk
llEuOt8bfbaAcZBfdRjvBruAtg5i4EvAX9y0yYEo1F/h3LtZxO3AqihUVpF8dxYE
orWlH7Y0/6FpvBGYHXiC9QB6FdY+eH+xp6UytnWJoRAEasCPF7Kmp1vCfVrVAX3l
C92WIGKhqd98myoplc/Jr2QjuxTKoiKpkCm96ir1oJl8XI6m8Q==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:06:49 2025 by rpki-client